Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   Websense Vendors:   Websense
Websense Enterprise Lets Remote Users Bypass Web Filtering With Modified User-Agent Values
SecurityTracker Alert ID:  1019094
SecurityTracker URL:
CVE Reference:   CVE-2007-6511   (Links to External Site)
Updated:  Feb 17 2008
Original Entry Date:  Dec 13 2007
Impact:   Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 6.3.1
Description:   A vulnerability was reported in Websense Enterprise. A remote user can bypass web filtering.

A remote user can set their User-Agent header value to certain values to bypass the web filtering function.

mrhinkydink reported this vulnerability.

Impact:   A remote user can bypass web filtering.
Solution:   The vendor has issued a fix (database version 92938).
Vendor URL: (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Red Hat Enterprise), Linux (Red Hat Linux), UNIX (Solaris - SunOS), Windows (2000), Windows (2003)

Message History:   None.

 Source Message Contents

Subject:  [Full-disclosure] Fwd: Websense 6.3.1 Filtering Bypass

Mr. HinkyDink would like to share the following with the Security Community...

---------- Forwarded message ----------
From:  <>
Date: Dec 12, 2007 6:05 PM
Subject: Websense 6.3.1 Filtering Bypass

Please share this with your little friends...


Websense Policy Filtering Bypass
discovered by mrhinkydink

PRODUCT: Websense Enterprise 6.3.1

EXPOSURE: Web Filtering Bypass


By spoofing the User-Agent header it is possible to bypass filtering and,
to a lesser extent, monitoring in a Websense Enterprise 6.3.1 environment.


The following was tested in an unpatched 6.3.1 system using the ISA Server
integration product.  It is assumed it will work with other integration
products but this has not been tested.  Other User Agents may also work.

I.  Install FireFox 2.0.x

II. Obtain and install the User Agent Switcher browser plug-in  by Chris

III. Add the following User Agents to the plug-in

     Description: RealPlayer
     User Agent : RealPlayer G2

     Description: MSN Messenger
     User Agent : MSMSGS

     Description: WebEx
     User Agent : StoneHttpAgent

IV.  Change FireFox's User Agent to any one of the preceding values

V.   Browse to a filtered Web site

VI.  Content is allowed

Content browsed via this method will be recorded in the Websense database
as being in the "Non-HTTP" category.


Websense KnowledgeBase article #976

The vendor acknowledges this behavior in the aforementioned article.

Disable the protocols mentioned above.

Websense has repaired this issue in database #92938

mrhinkydink is not to be confused with the blogger by the same name

c. MMVII mrhinkydink

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC